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IN THE CLAIMS 
Please amend the claims as follows: 

Claim 1 (Currently Amended): In an authentication system in which an 
authentication server which authenticates a user, a user terminal which transmits a user 
authentication information, and an application server which provides a service to the user 
through the user terminal are connected together to enable a communication therebetween 
through a network; an address based authentication system in which 

the authentication server comprises 

authentication means for authenticating a user based on the user authentication 
information transmitted as an authentication request from the user terminal; 

an address allocating means for allocating an address to the user terminal for a 
successful authentication of the user; 

authentication information generating means for generating information for 
authentication from information including the allocated address; 

a ticket issuing means for issuing a ticket containing the allocated address allocated 
by the address allocating means and the information for authentication ; 

and a ticket transmitting means for transmitting the ticket issued by the ticket issuing 
means to the user terminal; 

the user terminal comprises 

a user authentication information transmitting means for transmitting [[a]] user 
authentication information to the authentication server for purpose of an authentication 
request; 

a ticket reception means for receiving [[a]] the ticket containing the allocated address 
transmitted from the authentication server; 
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means for setting up [[an]] the allocated address contained in the ticket as a source 
address for a packet which is to be transmitted from the user terminal; 

means for transmitting a packet including the ticket to the application server for 
establishing a session; 

and a service request means for transmitting a packet requesting a service to the 
application server through the session ; 

and the application server comprises 

a ticket memory means for storing the ticket transmitted from the user terminal; 

ticket verifying means for verifying the presence or absence of any forgery in the 
information for authentication in the ticket transmitted from the user terminal and storing the 
ticket in the ticket memory means in the absence of a forgery ; 

an address comparison means for determining whether or not the allocated address 
contained in the ticket which is stored in the ticket memory means coincides with the source 
address of the service request packet which is transmitted from the user terminal through the 
session; 

and a service providing means for transmitting to the user [[a]] terminal packets 
pack e t which provides a service to the user when a coincidence between the addresses is 
determined by the address comparison means. 

Claim 2 (Currently Amended): An authentication system according to Claim 1 
in which the user terminal has a key information relating to a privat e public key of the 
user terminal, 

the user authentication information transmitting means being means for transmitting 
the key information also together with the user authentication information, and the ticket 
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issuing means being means for issuing [[a]] the ticket also containing the key information 
which is transmitted from the user terminal, 
the user terminal further comprising 

a session key generating means for calculating a session secret key which is shared 
with the application server., from a private key of the user terminal and a public key of the 
application server; 

and a packet cryptographic processing means for performing a processing upon a 
packet to be transmitted to the application server by the session secret key from th e us e r 
t e rminal to guarantee that there is no forgery in the packet by th e s es sion s e cret k e y ; 

the application server further comprising 

a session key generating means for calculating a session secret key which is shared 
with the user terminal, from a the private key of the application server and a public key of the 
user terminal; 

a packet verifying means for confirming whether or not the packet received from the 
user terminal is forged using the session secret key; 

and wherein said [[a]] ticket verifying means is configured to verify for v e rifying 
whether or not the key information contained in the ticket of the packet, which has been 
verified as not being forged^ is information relating to the privat e public key of the user 
terminal, and if not th e tick e t v e rifying moans pr e v e nting prevent the ticket from being 
stored in the ticket memory means when th e key information i s not a r e lating information . 

Claim 3 (Currently Amended): An authentication system according to Claim 2 

in which a transmission of th e tick e t from th e user terminal tak e s plac e in t e rms of a 

pack e t, 

the application server further comprising 
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an address collating means for collating the address in the ticket transmitted from the 

user terminal against the source address of the packet which includes the ticket and for 

preventing the ticket from being stored in the ticket memory means if a coincidence is not 

found. 

Claim 4 (Original): An authentication system according to Claim 2 in which the 
authentication server comprises a user identifier allocating means for allocating a user 
identifier which corresponds to the authenticated user in response to the authentication 
request for a successful authentication of the user, 

the ticket issuing means being means for issuing the ticket inclusive of the user 
identifier. 

Claim 5 (Currently Amended): An authentication system according Claim 1 
in which the tick e t issuing means of th e auth e ntication se rv e r compris e s m e ans 
including an authentication information generating means is configured to process the 
information including the allocated address with for g e n e rating an auth e ntication information 
for a provisional tick e t u s ing a shared secret key which is shared beforehand between the 
authentication server and the application server and for i s suing th e tick e t containing th e 
auth e ntication information , 

the ticket verifying means of the application server configured to further verify 
comprising an auth e ntication information v e rifi e r for v e rifying the presenc e or ab se nc e of any 
forgery in the auth e ntication information for authentication contained in the ticket using a 
shared secret key which is beforehand shared between the authentication server and th e 
application se rv e r and for pr e v e nting th e tick e t from b e ing stor e d in th e tick e t memory m e ans 
in th e pr e s e nc e of a forg e ry . 
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Claim 6 (Currently Amended): An authentication system according to Claim l a 
wherein 

in which th e transmission of th e tick e t from th e us e r t e rminal tak es place in t e rms of a 

pack e t, 

the application server comprising comprises an address collating means for collating 
the address in the ticket which is transmitted from the user terminal against the source 
address of the packet which includes the ticket and for preventing the ticket from being stored 
when a coincidence is not found. 

Claim 7 (Currently Amended): An authentication server in an authentication system 
in which an authentication of a user utilizing a user terminal is performed through the user 
terminal by an authentication server and a request is made to an application server to provide 
a service on the basis of the authentication; comprising 

a user authentication information reception means for receiving an authentication 
request inclusive of a user authentication information and key information relating to a public 
key of the user terminal both transmitted from the user terminal; 

an authentication means to which the user authentication information of the received 
authentication request is input and which authenticates the user on the basis of the user 
authentication information and providing a signal indicating a successful authentication upon 
a successful authentication; 

an address allocating means for allocating an address to the user terminal in response 
to an input of the signal indicating a successful authentication of the user; 
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authentication information generating means for generating information for 
authentication from information including at least the allocated address and the key 
information; 

a ticket issuing means for issuing a ticket containing to which the allocated address 
allocated by the address allocating means, the key information and the information for 
authentication to the user terminal whose user is authenticated by the authentication means is 
input and which issu e s a tick e t containing th e addr e ss ; 

and a ticket transmitting means to which the ticket is input and which transmits the 
ticket to the user terminal. 

Claim 8 (Currently Amended): An authentication server according to Claim 7, furth e r 
comprising wherein the [[an]] authentication information generating means is configured to 
generate the information for generating an authentication by processing the information 
including for information which includes at l e ast the allocated address and the ket 
information using a shared secret key which is beforehand shared between the authentication 
server and the application server 

the tick e t issuing m e ans b e ing means for issuing the tick e t inclusiv e of th e 
auth e ntication information . 

Claim 9 (Currently Amended): An authentication server according to Claim 7, further 
comprising 

a user identifier allocating means for allocating a user identifier which corresponds to 
the authenticated user in response to the authentication request when the signal indicating a 
successful authentication of the user is successful input , 
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wherein the tick e t i s suing authentication information generating means is configured 
to process the information including the allocated address, the key information and the user 
identifier to produce the information for authentication and the ticket issuing means is 
configured to combine at least the information for authentication, the allocated address, the 
key information and the user identifier to form being m e ans for issuing the ticket inclusive of 
th e us e r id e ntifi e r . 

Claim 10 (Currently Amended): An authentication server according to Claim 9 in 
which the user identifier allocating means is configured to encrypt moans to which 
information which directly id e ntifies th e us e r is input and which encrypts information which 
directly identifies the user by using an identifier generating secret key of the authentication 
server to produce , th e e ncrypt e d information b e ing the user identifier. 

Claim 1 1 (Cancelled). 

Claim 12 (Currently Amended): A user terminal in an authentication system in which 
an authentication of a user utilizing a user terminal is performed by an authentication server 
and a request to provide a service is made to an application server on the basis of the 
authentication, comprising 

a u se r auth e ntication information transmitting m e ans for transmitting a us e r 
authentication information which is input to an auth e ntication se rv e r for purpos e of an 
auth e ntication r e qu e st; 

a ticket reception means for receiving a ticket transmitted from the authentication 
server , said ticket containing an address allocated to the user terminal, key information 
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relating to a public key of the user terminal and information for authentication produced by 
processing information including the allocated address and the key information ; 

a source address set-up means to which the received ticket is input and which sets up 
[[an]] the allocated address contained in the ticket as a source address of the user terminal; 

a session establishing means to which the ticket is input and which transmits a packet 
including the ticket to [[an]] the application server for establishing a session with the 
application server; 

and a service request means for transmitting a packet representing a service request to 
the application server through the established session; 

a key information generating means to which a public key of the user terminal is input 
and which generates a key information relating to the public key of the user terminal; 

a session key generating means to which a private key of the user terminal and an 
public key of an application server are input and which calculates a session secret key which 
is shared with the application server; 

and a packet cryptographic processing means to which a packet to be transmitted from 
the user terminal and the session secret key are input and which applies a processing to the 
transmitted packet which guarantees that there is no forgery in the packet by the session 
secret key; 

a user authentication information transmitting means configured to transmit the key 
information together with the user authentication information to the authentication server . 

Claim 13 (Cancelled). 

Claim 14 (Original): A user terminal according to Claim 12, further comprising 
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a key information generating means to which an authentication purpose shared secret 
key which is shared with the application server and a session dependent information which 
changes each time a session is established are input and which generates a key information by 
processing the session dependent information by the authentication purpose shared secret 
key; 

the user authentication information transmitting means being means to which the key 
information is also input and which transmits the key information together with the user 
authentication information. 

Claim 15 (Currently Amended): An application server in an authentication system in 
which an authentication of a user utilizing a user terminal is performed by an authentication 
server and a request to provide a service is made to an application server on the basis of the 
authentication; comprising 

a session establishing means for establishing a session with a user terminal; 

a ticket memory means in which a ticket transmitted from the user terminal is stored; 

an address comparison means to which a source address of a service request packet 
which is transmitted from the user terminal and received through the established session is 
input and which determines whether or not the source address coincides with [[an]] the 
allocated address of the user terminal contained in the ticket stored in the ticket memory 
means; 

and a service providing means to which an output indicating a coincid e nc e from the 
addr e ss comparison means i s input and which transmits packets for providing a service to the 
user to the user terminal when the output of the address comparison means indicates a 
coincidence; 
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wherein said session establishing means comprises ticket verifying means for 
verifying authenticity of the ticket, which is received through a packet from the user terminal 
for establishing the session, by checking the information for authentication c ontained in the 
ticket and preventing the ticket from being stored in the ticket memory means when 
verification is not successful . 

Claim 16 (Cancelled). 

Claim 17 (Currently Amended): An application server according to Claim [[16]] 15, 
further comprising 

a session key generating means for calculating a session secret key which is shared 
with the user terminal from a private key of the application server and an public key of the 
user terminal; 

and a packet verifying means for verifying whether or not a packet received from the 
user terminal is forged using the session secret key and for preventing the ticket from being 
stored in response to a verification output indicating the presence of a forgery. 

Claim 18 (Currently Amended): An application server according to Claim 17 in 
which the ticket verifying means comprises collating [[is]] means for verifying, when the 
received to which a packet which has been verified by the packet verifying means as not 
forged^ is input and which v e rifi e s whether or not the key information contained in the ticket 
r e lating to th e public key of th e user t e rminal corresponds to the public key of the user 
terminal which has been used in the calculation of the session secret key. 
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Claim 19 (Currently Amended): An application server according to Claim [[16]] 15. 
in which the ticket verifying means comprises terminal authenticating [[is]] means to which 
an authentication purpose shared secret key which is shared with the user terminal and a 
session dependent information which changes each time a session is established are input and 
which processes the session dependent information using the authentication purpose shared 
secret key, collates a result of the processing against the key information in the ticket and 
verifies the authenticity of the ticket by seeing whether or not a matching between the result 
of processing and the key information applies. 

Claim 20 (Currently Amended): An application server according to Claim [[16]] 15 
in which the ticket verifying means comprises means for verifying whether or not the source 
address of the received packet coincides with the address contained in the ticket within the 
packet and for preventing the ticket from being stored in response to a detection output which 
indicates a non-coincidence. 

Claim 21 (Currently Amended): [[An]] A computer readable storage medium having 
stored thereon an authentication server program for allowing a computer to function as an 
authentication server as defined in Claim 7. 

Claim 22 (Currently Amended): A computer readable storage medium having stored 
thereon a user terminal program for allowing a computer to function as a user terminal 
according to Claim 12. 
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Claim 23 (Currently Amended): [[An]] A computer readable sto rage medium having 
stored thereon an application server program for allowing a computer to function as an 
application server according to Claim 15. 

Claim 24 (New): The system according to Claim 1, in which the authentication server 
has a secret key and public key for digital signature, the step of generating the information for 
authentication at the authentication server is a step for computing a digital signature on the 
information including the allocated address using the secret key for the digital signature, 

the ticket verifying step at the application server is a step for verifying the presence 
or absence of any forgery in the information for authentication in the ticket using the public 
key of the authentication server. 

Claim 25 (New): The authentication server according to Claim 7, wherein the 
authentication server has a secret key and a public key for digital signature, and said ticket 
issuing means comprises: an authentication information generating means for computing a 
digital signature on the information including at least the allocated address using the secret 
key for the digital signature to produce the information for authentication so that the 
application server can verify the presence or absence of any forgery in the information for 
authentication in the ticket using the public key of the authentication server. 
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